#VU12311 Use of cryptographically weak PRNG in IBM DB2 - CVE-2018-1426
Published: May 1, 2018
Vulnerability identifier: #VU12311
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-1426
CWE-ID: CWE-338
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
IBM DB2
IBM DB2
Software vendor:
IBM Corporation
IBM Corporation
Description
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information and write arbitrary files on the target system.
The weakness exists due to IBM GSKit duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which can result in duplicate Session IDs and a risk of duplicate key material. A remote attacker can gain access to potentially sensitive information and write arbitrary files.
The weakness exists due to IBM GSKit duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which can result in duplicate Session IDs and a risk of duplicate key material. A remote attacker can gain access to potentially sensitive information and write arbitrary files.
Remediation
Install update from vendor's website.